<?php
require("db_config.php");
require("blowfish.php");

if(isset($_POST["MessageBlock"]) && isset($_POST['myID'])){
$totalMacIds=0;
$curtime=$_SERVER['REQUEST_TIME'];
$auth = 0;

$con = mysql_connect($db_host,$db_user,$db_password);
if (!$con)
{
	die('Could not connect: ' . mysql_error());
}

mysql_select_db($db_name, $con);
$result = mysql_query("SELECT id FROM software where software_key='".$_POST['myID']."' and registered = 2;");
$row=mysql_fetch_array($result);
if($row != null && $row != "")
{
	$software_id=$row['id'];
	$rs=mysql_query("select vi from audit where software_id = ".$software_id." and action='TOKEN-IO:ACCESS' and timestamp between ".($curtime-600)." and ".$curtime." order by timestamp DESC");
	$row=mysql_fetch_array($rs);
	$vi=$row['vi'];
	$data=decryptString(hex2bin($_POST["MessageBlock"]),$vi);
	$message = json_decode(stripslashes($data));
}

	if(isset($message->{"osProductKey"})){
		$osProductKey=$message->{"osProductKey"};
		$row=mysql_query("select `id` from t_anandsoftware_security_properties where `key` = 'osProductKey' and `software_id` = ".$software_id." and `value` = '".$osProductKey."'");
		$r = mysql_fetch_array($row);
		if($r != null && $r['id'] > 0){
		//	echo "in 1";
			$auth++;
		}
	}
	
	if(isset($message->{"osDriveSerialNumber"})){
		$osDriveSerialNumber=$message->{"osDriveSerialNumber"};
		$row=mysql_query("select `id` from t_anandsoftware_security_properties where `key` = 'osDriveSerialNumber' and `software_id` = ".$software_id." and `value` = '".$osDriveSerialNumber."'");
		$r = mysql_fetch_array($row);
		if($r != null && $r != "" && $r['id'] > 0){
		//	echo "in 2";
			$auth++;
		}
	}
	
	if(isset($message->{"macIdList"})){
		$macIdList=$message->{"macIdList"};
		$macIds=array();
		$tmp_ctr = 0;
		foreach($macIdList as $key => $value)
		{
			$macIds[$totalMacIds++] = $value;
			$row=mysql_query("select `id` from t_anandsoftware_security_properties where `key` = 'macId' and `software_id` = ".$software_id." and `value` = '".$value."'");
			$r = mysql_fetch_array($row);
			if($r != null && $r != "" && $r['id'] > 0){
				$tmp_ctr++;
			//	echo "in 3.".$tmp_ctr;
			}
		}
		if(sizeof($macIds) == $tmp_ctr){
			$auth++;
			//echo "in 4";
		}
	}
	mysql_query("insert into audit (software_id,vi,timestamp,action) values ('".$software_id."','".$vi."',".$curtime.",'Authentication: ".$auth."')");
	mysql_close($con);
	echo $auth;
}


?>